Ready to get started?

Download a free trial of the Active Directory Data Provider to get started:

 Download Now

Learn more:

Active Directory Icon Active Directory ADO.NET Provider

Rapidly create and deploy powerful .NET applications that integrate with Active Directory Users, Groups, Roles, Contacts, and more!

Automate Active Directory Integration Tasks from PowerShell

Are you in search of a quick and easy way to access Active Directory data from PowerShell? This article demonstrates how to utilize the Active Directory Cmdlets for tasks like connecting to Active Directory data, automating operations, downloading data, and more.

The CData Cmdlets for Active Directory are standard PowerShell cmdlets that make it easy to accomplish data cleansing, normalization, backup, and other integration tasks by enabling real-time and bidirectional access to Active Directory.

PowerShell Cmdlets or ADO.NET Provider?

The Cmdlets are not only a PowerShell interface to Active Directory, but also an SQL interface; this tutorial shows how to use both to create, retrieve, update, and delete Active Directory data. We also show examples of the ADO.NET equivalent, which is possible with the CData ADO.NET Provider for Active Directory. To access Active Directory data from other .NET applications, like LINQPad, use the CData ADO.NET Provider for Active Directory.

Once you have acquired the necessary connection properties, accessing Active Directory data in PowerShell can be enabled in three steps.

To establish a connection, set the following properties:

  • Valid User and Password credentials (e.g., Domain\BobF or cn=Bob F,ou=Employees,dc=Domain).
  • Server information, including the IP or host name of the Server, as well as the Port.
  • BaseDN: This will limit the scope of LDAP searches to the height of the distinguished name provided.

    Note: Specifying a narrow BaseDN may greatly increase performance; for example, cn=users,dc=domain will only return results contained within cn=users and its children.


  1. Install the module:

    Install-Module ActiveDirectoryCmdlets
  2. Connect:

    $activedirectory = Connect-AD -User "$User" -Password "$Password" -Server "$Server" -Port "$Port"
  3. Search for and retrieve data:

    $cn = "Administrator" $user = Select-AD -Connection $activedirectory -Table "User" -Where "CN = `'$CN`'" $user

    You can also use the Invoke-AD cmdlet to execute SQL commands:

    $user = Invoke-AD -Connection $activedirectory -Query 'SELECT * FROM User WHERE CN = @CN' -Params @{'@CN'='Administrator'}


  1. Load the provider's assembly:

    [Reflection.Assembly]::LoadFile("C:\Program Files\CData\CData ADO.NET Provider for Active Directory\lib\System.Data.CData.ActiveDirectory.dll")
  2. Connect to Active Directory:

    $conn= New-Object System.Data.CData.ActiveDirectory.ActiveDirectoryConnection("User=cn=Bob F,ou=Employees,dc=Domain;Password=bob123;Server=;Port=389;") $conn.Open()
  3. Instantiate the ActiveDirectoryDataAdapter, execute an SQL query, and output the results:

    $sql="SELECT Id, LogonCount from User" $da= New-Object System.Data.CData.ActiveDirectory.ActiveDirectoryDataAdapter($sql, $conn) $dt= New-Object System.Data.DataTable $da.Fill($dt) $dt.Rows | foreach { Write-Host $ $_.logoncount }

Update Active Directory Data


Update-AD -Connection $ActiveDirectory -Columns @('Id','LogonCount') -Values @('MyId', 'MyLogonCount') -Table User -Id "MyId"


$cmd = New-Object System.Data.CData.ActiveDirectory.ActiveDirectoryCommand("UPDATE User SET CN='Administrator' WHERE Id = @myId", $conn) $cmd.Parameters.Add((New-Object System.Data.CData.ActiveDirectory.ActiveDirectoryParameter("@myId","10456255-0015501366"))) $cmd.ExecuteNonQuery()

Insert Active Directory Data


Add-AD -Connection $ActiveDirectory -Table User -Columns @("Id", "LogonCount") -Values @("MyId", "MyLogonCount")


$cmd = New-Object System.Data.CData.ActiveDirectory.ActiveDirectoryCommand("INSERT INTO User (CN) VALUES (@myCN)", $conn) $cmd.Parameters.Add((New-Object System.Data.CData.ActiveDirectory.ActiveDirectoryParameter("@myCN","Administrator"))) $cmd.ExecuteNonQuery()

Delete Active Directory Data


Remove-AD -Connection $ActiveDirectory -Table "User" -Id "MyId"


$cmd = New-Object System.Data.CData.ActiveDirectory.ActiveDirectoryCommand("DELETE FROM User WHERE Id=@myId", $conn) $cmd.Parameters.Add((New-Object System.Data.CData.ActiveDirectory.ActiveDirectoryParameter("@myId","001d000000YBRseAAH"))) $cmd.ExecuteNonQuery()